Policy-driven spending controls for OpenClaw, Hermes, and MCP agents. Local-first. Zero credential exposure. MIT licensed.
Before any money moves, the gateway asks: should this agent be allowed to spend this amount with this merchant right now?
"Buy a domain for the project" can mean the same domain twice. Or the wrong TLD. Or at 3am. Without policy, the agent does exactly what you say — not what you meant.
"Please be careful with spending" is not a safety mechanism. It is a suggestion that an agent can ignore, misinterpret, or forget across sessions.
When an agent spends money, someone will ask "why did it buy this?" You need a clear answer: the policy, the approval, the timestamp, and the reason.
Define spending rules in a simple YAML file. Amount limits, merchant allowlists, category blocks, business hours, and duplicate windows. The agent cannot override them.
max_single_purchase: 50.00
require_human_approval_above: 25.00
allowed_merchants:
- namecheap.com
- github.com
dedupe_window_minutes: 30SQLite-backed deduplication prevents the same purchase from happening twice within a configurable time window. No more double domain registrations.
When a purchase exceeds your threshold, the gateway queues it for approval. Get a Telegram alert, tap yes or no, and the agent proceeds or stops.
Built as an MCP server for OpenClaw, Hermes, and any MCP-compatible agent. Integrates in minutes with a simple JSON config.
The gateway never sees your card, your token, or your Stripe credentials. It only emits decisions: APPROVED, REJECTED, or REQUIRES_APPROVAL.
I gave my OpenClaw agent a wallet and guardrails. Now it handles domain purchases, SaaS renewals, and SEO tool subscriptions — all within budget, all with proof.
Get started with the open-source gateway today.
npm install -g @actonce/spend-gateway
actonce-spend init
actonce-spend start --mcp
Open source. Self-hosted.
For solo builders.
For agencies and startups.
For production use.
No. The gateway is a decision engine only. It says yes, no, or wait. Stripe Link CLI or your preferred payment method handles the actual transaction.
No. The open-source version is entirely local. Policy files, logs, and the dedupe database live on your machine. No API keys, no external services.
Any MCP-compatible agent. Tested with OpenClaw and Hermes. Works with Claude Code, Cursor, and any framework that supports the Model Context Protocol.
The Pro version adds a hosted dashboard with multi-user approval routing, team analytics, and advanced policy templates. Join the waitlist to be notified when it launches.
The core gateway is open source under MIT license. You can use it, modify it, and redistribute it. The hosted Pro dashboard is a paid SaaS product for teams who need multi-user features.
Join the developers building safer agentic commerce.